Criminals are waging a nasty online campaign right now, hoping that their victims’ fears of the tax collector will lead them to inadvertently install malicious software.
Hi pondus,
And the ever-changing Zeus bot malcode is the problem there. Analysis here:
http://blog.threatexpert.com/2009/09/time-to-revisit-zeus-almighty.html
About av detection: http://www.trusteer.com/news-release-17
polonus
In other words, installing an anti-virus product and maintaining it up to date reduces the probability to get infected by Zeus by 23%, compared to running without an anti-virus altogether. The effectiveness of an up to date anti virus against Zeus is thus not 100%, not 90%, not even 50% - it’s just 23%.

Conclusion

We measured the efficiency of antivirus products in the wild, against Zeus. In a sense, it’s more accurate than in-the-lab experiments, since it measures the real phenomenon – the actual infections in the wild, vs. real antivirus deployment in the wild. The result we measured, efficiency level of 23%, is disturbing, and reveals that the vast majority of Zeus infections go unnoticed by antivirus products.
That is one nasty bug. Does anyone know which antivirus programs detect it and which do not?
Hi pondus,
You have avast - one of the three that detected,
pol
"You have avast - one of the three that detected,"
And the other two are?
Hi pondus,
One was GData, other TrendMicro. (I use RUBotted). About the difficulties in detecting Zeus or Zbot, read this: http://www.damballa.com/downloads/d_pubs/WP%20Many-to-Many%20Botnet%20Relationships%20(2009-05-21).pdf
and to get to the money fast, the criminals use Yabber to have others collect. In the USA alone over 3,6 million machines are Zeus infested.
polonus
pol,
What is avast detecting it as?
Give us a VT link, if you have one, please.